Discussion in 'other anti-malware software' started by liba, Feb 2, 2018.
I take that as a no.
Hang in there Circuit. I bet ya can.
I confirm you can, I did it.
Glad to hear that.
It had previously been raised here: https://www.wilderssecurity.com/threads/blackfog-privacy.400343/page-18#post-2810938
@Circuit Yes there is a setting on the account to stop that. Be aware that it will stop working though if it is not renewed within a 7 day grace period. This will also be the case for the monthly billing option we will be adding shortly.
Out of curiosity, I tried to open a "New private window with Tor" in the Brave browser last night and BFP started issuing dozens of "Threat Detections." (I'd never tried this feature of Brave before.)
Other than shutting down BFP, which is what I eventually did, is there a way to disable this from within BFP such that other protections remain in place?
I will get the team to look at that, but since it uses TOR I am not surprised by that as effectively we are stopping the use of the Dark Web using TOR anyway. You shouldn't really need to do that if you are running BlackFog anyway. But we will review it just out of curiosity.
Thanks, I'll keep an eye out for what the BFP team discovers.
Ok so yes its working exactly as intended by blocking the TOR component here. If you must use that feature then just simply toggle the Dark Web setting off and it will allow it to utilize that feature of Brave. But if you are using BlackFog you really don't need to use that anyway as we are stopping the exfiltration from those sites anyway. Effectively you have the choice which way you want to go.
Thanks Darren, this is all useful to know. I appreciate your looking into it.
Darren, I quite often get a PR_CONNECT_RESET_ERROR in Firefox (now 77.0.1, and previously) and have traced it to BFP.
If I activate Install Mode, the page loads.
Is there some setting to tweak to avoid this?
Don't know if it's relevant but I do use the EFF HTTPS Everywhere extension.
I've seen the same thing while trying to access YouTube at different times, but not often. @Darren Williams knows about my issue so your report may be very helpful.
Edit: I've found when that happens if I disable 'Execution' I can then get to YouTube.
Edit 2: I also use HTTPS Everywhere.
Yes Krusty, indeed YouTube ... also Google Calendar and Contacts a moment ago.
Indeed happens less often than a while back, not sure now if that was an earlier version ... I had it often then, now not so much.
Thanks for the 'Execution' tip.
Edit: Currently YouTube not replicatable.
Yes, we know what that is actually. We might send you guys a beta of the next version to verify it is resolved. We are seeing that many of the sites are now doing some protocol weirdness with HTTPS and not strictly adhering to standards. You can verify this by switching OFF the "App Gateway" option and see if it goes away. I suspect that this will solve the issue. I will also reach out to a few of you and give you the beta next week.
Thanks Darren. OK, I have unticked 'Application Gateway' (in the client, in my case).
Will check if the problem recurs, which is a bit tricky because it only happens occasionally ... i.e. I can't 'test' it.
Incidentally, I did get another PR_CONNECT_RESET_ERROR with 'Application Gateway' unchecked (I forget which site).
When I unticked 'Execution' (as suggested by Krusty, post #912) the page displayed - may just have been a coincidence.
Just had Firefox display that error in one tab again while trying to access YouTube. Disabled "Execution" and the tab loaded, as expected.
I just installed Webroot and ran a scan. BlackFog was shown to have Trojan w32.backdoor.gen. False positive Anyone else seeing this? Until I know more I left it in place.
I have no doubt it's a FP.
Correct its a false positive. The way these systems work is rather crude, they assume that anything that uses a kernel driver or a certain technique must be bad which is not correct. All security products need to scan processes so invariably have to use low level access to get the data they need to do their work.
We also know about the connect reset error which is related to the SSL checking we are doing. So we just tweaked it a little to be less strict on some servers.
I felt strongly it was a FT. Thanks Darren.
How do all feel about this change to the dashboard UI, removing color for this?
The eye candy is nice, but really no matter to me.
I prefer color. It helps me to tell things apart more easily.
Separate names with a comma.